<?php
session_start();
$currPage = "manage";
include("inc_header.php"); ?>

	<div id="content">
		<h2><a href="#">Manage Posts</a></h2>
		<div class="clearfix">
	
		<?php
			
			$host="mysql-user.cse.msu.edu"; // Host name
			$username="hewittry"; // Mysql username
			$password="A39777266"; // Mysql password
			$db_name="hewittry"; // Database name
			
			mysql_connect("$host", "$username", "$password")or die("cannot connect");
			mysql_select_db("$db_name")or die("cannot select DB");
			
			$query="SELECT * FROM VehicleForSale WHERE NonAdmins_AllUsers_LogonID='" . $_SESSION['username'] . "'";
			$result=mysql_query($query);
			
			$tableRows = "";
			while ($row = mysql_fetch_assoc($result))
			{
				$tableRows .= "<tr>";
				$tableRows .= "<td><img src='upload/" . $row["Photo"] . "' style='width: 50px; height: 50px;' /></td>";
				$tableRows .= "<td>" . $row["Make"] . " " . $row["Model"] . " " . $row["VehicleYear"] . "</td>";
				$tableRows .= "<td>$" . $row['Price'] . "<td>";
				$tableRows .= "<td><a href='editPost.php?id=" . trim($row["VehicleForSaleID"]) . "'>Edit</a> | <a href='deletePost.php?id=" . trim($row["VehicleForSaleID"]) . "'>Delete</a></td>";
				$tableRows .= "</tr>";			
			}
			
			
			
			if ($tableRows == "")
			{ 
				echo "<i>Oops! No announcements have been posted! How about <a href='postAnnouncement.php'>posting one</a>?";
			}
			else
			{
		?>
			<table cellpadding="20">
				<tr>
					<td></td>
					<td><strong>Vehicle</strong></td>
					<td><strong>Price</strong></td>
					<td><strong>Manage</strong></td>
				</tr>
				<?php echo $tableRows; ?>
			</table>
		<?php } ?>		
		</div>
	</div>

<?php include("inc_footer.php"); ?>
